Last updated: June 14, 2026. Customers notified at least 30 days before changes take effect.
| Sub-Processor | Category | Processing Purpose | Data Types | Region / Safeguard |
|---|---|---|---|---|
| Amazon Web Services (AWS) DPA | Cloud infrastructure | Hosting, storage, compute | All user and organization data | eu-central-1 (Frankfurt, EU) — GDPR-adequate |
| Paddle Billing DPA | Payment / Merchant of Record | Subscription billing, payment processing, refund management | Billing address, subscription state (card data never enters Usherfly systems) | Paddle's own infrastructure — MoR via Estonian OÜ entity |
| Transactional email provider | Email delivery | Onboarding notifications, system emails, account alerts | Email address, name, notification content | Provider selection within GL-5 scope; DPA link to be added upon selection |
| PostHog DPA | Product analytics | Usage pattern analysis, feature adoption tracking, consent-gated session replay | Pseudonymous event data (no IP capture), masked session recordings | EU data region (eu.i.posthog.com) — GDPR-adequate |
| Sentry DPA | Error tracking | Technical error monitoring, performance tracking | Error stack traces, platform context (personal data minimized) | EU data region — GDPR-adequate |
| Anthropic (Claude) DPA | AI | AI onboarding flow generation | Admin-provided flow description, role, and context text (admins are instructed not to include onboardee personal data in these fields; the description and context are sent transiently and not stored persistently by Usherfly, while the optional role may be retained in flow-generation audit logs) | United States — transferred under Standard Contractual Clauses (SCCs) via the Anthropic Commercial Terms (execution confirmation pending) |
| OpenAI DPA | AI | AI onboarding flow generation | Admin-provided flow description, role, and context text (admins are instructed not to include onboardee personal data in these fields; the description and context are sent transiently and not stored persistently by Usherfly, while the optional role may be retained in flow-generation audit logs) | United States — transferred under Standard Contractual Clauses (SCCs) via the OpenAI DPA (execution confirmation pending) |
| Google (OAuth / Workspace) DPA | Authentication | Authentication / sign-in identity | Name, email, Google account id | United States — transferred under Standard Contractual Clauses (SCCs) via the Google Cloud DPA; consent at sign-in (Google OAuth) |
| SMS providers (Twilio, İletimerkezi) | SMS delivery | Delivery of transactional onboarding messages and opt-in marketing messages by SMS | Phone number, message content | Region / transfer mechanism to be finalized before go-live — a GDPR-adequate safeguard will be in place; DPA link to be added on go-live |
| WhatsApp provider (planned) | WhatsApp messaging | Delivery of transactional onboarding messages and opt-in marketing messages over WhatsApp | Phone number, message content | Provider selection to be finalized before go-live — a GDPR-adequate safeguard will be in place; DPA link to be added upon selection |
Questions: legal@usherfly.io
Security disclosure: If you have found a security vulnerability, please report it to security@usherfly.io. We review reports and respond in line with responsible-disclosure principles.
Data Processing Agreement